package samsung.sds.system.intercepter;

import java.lang.reflect.Field;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;

import samsung.sds.system.utils.CommonTools;
import samsung.sds.systemParamManagement.model.SystemParamEntity;
import samsung.sds.systemParamManagement.service.SystemParamManagementService;
import samsung.sds.userManagement.model.UserEntity;
import samsung.sds.userManagement.service.UserManagementService;

public class PasswordIntercept extends BaseIntercepter {
	private static final String passport_Value_RootCode = CommonTools.getKeyUUID();
	private static final String passport_Key = CommonTools.getKeyUUID();
	@Autowired
	private SystemParamManagementService systemParamManagementServiceImpl;
	
	@Autowired
	private UserManagementService userManagementServiceImpl;
	
	/**
	 * 需要进行验证的属性字段
	 */
	private String fieldName;
	
	/**
	 * 系统参数配置中的字段
	 */
	private String systemParam;
	
	/**
	 * session中设置的属性值(可以设置为空)
	 */
	private String sessionAttribute;
	
	/**
	 * 排除在外的URL地址（不进行拦截的）
	 */
	private String excludeUrls;

	/**
	 * 跳转的URL
	 */
	private String redirectUrl;

	public String getRedirectUrl() {
		return redirectUrl;
	}

	public void setRedirectUrl(String redirectUrl) {
		this.redirectUrl = redirectUrl;
	}
	
	public String getExcludeUrls() {
		return excludeUrls;
	}

	public void setExcludeUrls(String excludeUrls) {
		this.excludeUrls = excludeUrls;
	}
	
	public String getSessionAttribute() {
		return sessionAttribute;
	}

	public void setSessionAttribute(String sessionAttribute) {
		this.sessionAttribute = sessionAttribute;
	}
	
	public String getSystemParam() {
		return systemParam;
	}

	public void setSystemParam(String systemParam) {
		this.systemParam = systemParam;
	}
	
	public String getFieldName() {
		return fieldName;
	}

	public void setFieldName(String fieldName) {
		this.fieldName = fieldName;
	}
	
	/**
	 * 判断是否更改了系统初始密码,未更改时返回true,已更改返回false
	 */
	public boolean checkLogic(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception{
		HttpSession session = request.getSession(true);
		boolean flag = false;

		if (null != session) {
			SystemParamEntity systemParamManagementEntity ;
			systemParamManagementEntity = systemParamManagementServiceImpl.getSystemParamEntityFromCache(this.getSystemParam());
			UserEntity userForQuery = new UserEntity();
			userForQuery.setUsername(CommonTools.getSessionUserName());
			UserEntity user = this.userManagementServiceImpl
					.findUniqueByProperty(userForQuery);			
			String property = getProperty(user,this.getFieldName());

			if(user == null){
				session.setAttribute(this.getSessionAttribute(), "no");
				return flag;
			}
				
			if (property.equals(systemParamManagementEntity.getParamVal())) {
				//判断密码与系统初始密码相同时
				session.setAttribute(this.getSessionAttribute(), "yes");
				session.setAttribute(passport_Key,"Expired");
				flag = true;
			}else{				
				session.setAttribute(this.getSessionAttribute(), "no");
				session.setAttribute(passport_Key,getPassportValue(CommonTools.getSessionUserName()));
				flag = false;
			}
		}
		return flag;
	}
	
	
	/**
	 * 获取指定字段的值
	 * @param object 需要获取值的对象
	 * @param field 指定字段的名称
	 * @return 返回指定字段的属性值
	 * @throws IllegalArgumentException
	 * @throws IllegalAccessException
	 */
	private String getProperty(Object object,String field) throws IllegalArgumentException, IllegalAccessException{
		if (null == object) {
			return "";
		}
		Field fields[] = object.getClass().getDeclaredFields();
		String value = "";
		for(Field field2 : fields){
			if (field2.getName().equals(field)) {
				field2.setAccessible(true);
				value = field2.get(object).toString();
			}
		}
		return value;
	}
	
	public boolean isHavePassport(HttpServletRequest request, HttpServletResponse response, Object object){		
		HttpSession session = request.getSession(true);
		if (getPassportValue(CommonTools.getSessionUserName()).equals(session.getAttribute(passport_Key))){
			return true;		
		}
		return false;
		
	}
	/**
	 * 生成Passport 值的算法
	 * @param username
	 * @return
	 */
	private String getPassportValue(String username){
		return  DigestUtils.md5Hex(username)+passport_Value_RootCode;
	}

	@Override
	public Map<String, Object> getParam() {
		// TODO Auto-generated method stub
		Map<String , Object> map = new HashMap<String, Object>();
		map.put("excludeUrls", excludeUrls);
		map.put("redirectUrl", redirectUrl);
		return map;
	}
	 
}
